Initial Publication Date: Advisory Status: Advisory Severity: CVSS Base Score:Legacy ID
10 Jan 2012 Open Medium CVSS v2: 6.8 SA49
IntelligenceCenter uses a version of JBoss that has several publicly documented vulnerabilities. The most severe vulnerability allows a highly skilled attacker to gain complete control over the JBoss installation and possibly complete control over the IntelligenceCenter installation.
All versions of IntelligenceCenter prior to version 126.96.36.199 are vulnerable.
IntelligenceCenter 3.2 - a partial fix for the CVEs listed as having been addressed is available in 188.8.131.52.
IntelligenceCenter 3.1 - a partial fix for the CVEs listed as having been addressed is available in 184.108.40.206 and 220.127.116.11.
IntelligenceCenter 2.1 and earlier - please upgrade to a later version.
IntelligenceCenter's data collector agents prior to version 18.104.22.168 install and use JBoss version 4.0.3. This version of JBoss has several publicly documented vulnerabilities.
The most severe vulnerability allows a highly skilled attacker to gain complete control of the JBoss installation. All data stored by IntelligenceCenter, including configuration data, may be accessible to the attacker. The attacker can also mount a denial of service attack against JBoss rendering IntelligenceCenter completely unresponsive for administrative control as well as data transmission.
CVE-2010-1429, CVSS v2 base score: 3.3 (AV:A/AC:L/Au:N/C:P/I:N/A:N)
CVE-2009-3554, CVSS v2 base score: 2.1 (AV:L/AC:L/Au:N/C:P/I:N/A:N)
CVE-2009-2405, CVSS v2 base score: 2.9 (AV:A/AC:M/Au:N/C:N/I:P/A:N)
CVE-2009-1380, CVSS v2 base score: 2.9 (AV:A/AC:M/Au:N/C:N/I:P/A:N)
CVE-2009-0027, CVSS v2 base score: 3.3 (AV:A/AC:L/Au:N/C:P/I:N/A:N)
CVE-2008-3273, CVSS v2 base score: 3.3 (AV:A/AC:L/Au:N/C:P/I:N/A:N)
CVE-2007-1354, CVSS v2 base score: 4.9 (AV:A/AC:M/Au:S/C:P/I:P/A:P)
CVE-2007-1157, CVSS v2 base score: 6.8 (AV:A/AC:H/Au:N/C:C/I:C/A:C)
CVE-2007-1036, CVSS v2 base score: 5.8 (AV:A/AC:L/Au:N/C:P/I:P/A:P)
CVE-2006-5750, CVSS v2 base score: 5.8 (AV:A/AC:L/Au:N/C:P/I:P/A:P)
When IntelligenceCenter is deployed behind a firewall, as is recommended, an attacker must gain access from the internal network in order to mount an attack. The CVSS base scores included in this advisory are based on this deployment scenario.
If IntelligenceCenter is deployed outside of the firewall. the CVSS base score for all CVEs listed would be higher. The CVSS base score for this security advisory would be a 7.6 (AV:N/AC:H/Au:N/C:C/I:C/A:C).
IntelligenceCenter 22.214.171.124 contains an upgrade to JBoss 4.2.2 fixing the CVEs documented in this security advisory.
IMPORTANT NOTE: CVE-2010-1428 and CVE-2010-0738 were mistakenly reported as having been addressed by this upgrade. IntelligenceCenter is still vulnerable to these two CVEs at this time.
Blue Coat recommends that IntelligenceCenter be deployed behind a firewall. Additional constraints on what IP addresses can be used to connect to IntelligenceCenter will greatly limit the ability to attack an IntelligenceCenter installation.
2012-08-09 Notification that CVE-2010-1428 and CVE-2010-0738 were not fixed by the JBoss upgrade. The status was reset to Interim until a fix is obtained.
2012-01-16 Fixed inconsistent version numbers to indicate that the first fix is in 126.96.36.199.
2012-01-10 Initial public release
This is machine translated content
Login to Subscribe
Please login to set up your
Would you like to be subscribed to future notifications for this article?
For security reasons, your link to this document has expired. Please click on the attachment link to access this file.
The attachment that you are looking for no longer exists.
There has been an issue retrieving your attachment. Please try again.
Currently server is down.
Didn't find the article you were looking for? Try these resources.